Your data is only yours. We don’t share it. We don’t copy it. We don’t modify it. We don’t access it without your permission. The only thing we do with your data is keep it 100% secure at all times. If you decide to leave us, just ask, and we will remove all of your data permanently. We’ve put all our efforts into maintaining security and confidentiality of your company data. We want you to sleep tight too.
All Productive accounts have secure access over HTTPS (SSL), the same security standard used in online banking. We use all the standard practices for high-level security. Every account is password protected. All passwords pass through a one-way hash-and-salt technique before storing them in the database. This practice ensures password can’t be read or used in any way.
Productive employs best-in-class standards to protect customer data. Add an extra layer of security to your login process using Two-factor Authentication (2FA). Once you turn 2FA on, each user must provide a second piece of information (besides email address and password) to log in.
Only a small subset of members of the Productive team have direct access to the live database. This access is granted on a need-to-know basis and is tightly controlled.
Encryption at Rest provides key protection against data breaches. That means that all the data, including customer data backups, are encrypted even while “resting” in the database.
If you decide to leave us, you get a full copy of your database. Contact us, and we’ll provide you with all your data. Want to access your data via API? No problem, we have you covered. Visit https://developer.productive.io/ for more information on how our API works.
Every day we take automatic database snapshots. We store them for 30 days. We do manual database snapshots once every month and store them for half a year. We have a standby replica of the database in case something physically happens to the original one. Everything is backed up in real time to make sure that your data is safe.
Productive guarantees an uptime service level of at least 99,9% (applicable for users on the Enterprise plan). Most modifications to the production environment do not require system downtime. If it turns out that downtime is necessary, we will try to schedule it on weekends and give you at least 24 hours’ notice. You can find out more here: Service Level Agreement Productive, or check out the status of our services by visiting http://status.productive.io.
Our system is closely monitored 24/7. If anything happens, we know about it immediately and can react. There are real-time reports in place that ensure we’re ready to fix the problem.
We use Stripe as our credit card processor. Card information storage, transmission and processing are completely PCI-Compliant. Every transaction is processed with the same high-level secure encryption just as in a bank. We don’t store your credit info nor do your credit card numbers pass through our servers at any time.
Every piece of equipment our team uses is regularly updated. All workstations have full disk encryption at rest. We regularly apply critical patches and ensure there is no malware on any device.
We use Amazon AWS as our hosting provider. Our servers are part of the Amazon AWS infrastructure and hosted in the EU. The actual location of these data centers is known only to Amazon employees who have a legitimate business need to have such information. Amazon provides a highly secure architecture and restricts unauthorized access.
Amazon is well known for its highly controlled data centers in many countries. They have a robust physical security program with multiple certifications, including an SSAE 16 certification. A number of physical controls are in place to prevent any kind of unauthorized access. If you want to know more, please visit https://aws.amazon.com/security/ Would you like to know more about our security measures? Please contact as at firstname.lastname@example.org and we’ll be happy to answer all your questions.